WHAT IS CLAIMED IS: 



1. A remote access system for accessing a predetemiined resource from a 
remote place, comprising: 

5 an access target unit to be accessed; 

an accessing xmit for accessing the access target unit; and 

a connection unit for standing proxy for the access target unit to the accessing unit, 
wherein the accessing unit comprises: 

storage means for storing a certificate in which access privilege with regard 
10 to the resource is described; and 

presenting means for presenting the certificate stored in the storage means to 
the access target unit having the resource, 
the connection unit comprises: 

verification means for verifying the certificate received from the accessing 

15 imit; and 

transmission means for transmitting the certificate verified by the 
verification means to the access target vmit specified by the accessing unit, and 

the access target xmit comprises determination means for determining according to 
the certificate transmitted by the connection unit whether to permit the accessing unit to 
20 access the resource. 

2. A remote access system according to Claim 1, wherein the connection unit 
connects a network which includes the access target unit and another network to each 
other. 

25 

3. A remote access system according to Claim 1, wherein the certificate 
includes proxy information which indicates that the connection unit stands proxy for the 
access target unit. 
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4. A remote access system according to Claim 1, 

further comprising an authority for issuing an issue permission certificate serving 
as a certificate for giving permission to issue to the accessing unit, the certificate in which 
access privilege with regard to the resource is described, 
5 wherein the connection imit issues the issue permission certificate issued by the 

authority, to the accessing unit. 

5. A remote access system according to Claim 4, wherein the certificate in 
which access privilege with regard to the resource is described includes information 

10 indicating that permission to issue to the accessing unit the certificate in which access 
privilege with regard to the resource is described is given, as role information indicating a 
role assigned to the connection xmit. 

6. A remote access system according to Claim 1, further comprising a 
15 certificate authority for issuing a public-key certificate based on a public-key 

cryptosystem, to each entity constituting the remote access system. 

7. A remote access method for accessing a predetermined resource from a 
remote place, comprising: 

20 a storage step of storing a certificate in which access privilege with regard to the 

resource is described; 

a presenting step of presenting the certificate stored in the storage step to an access 
target unit having the resource; 

a verification step of verifying the certificate received from an accessing unit for 
25 accessing the access target unit; 

a transmission step of transmitting the certificate verified in the verification step to 
the access target unit specified by the accessing unit; and 
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a determination step of determining whether to permit the accessing unit to access 
the resource, according to the certificate transmitted by a connection unit for standing 
proxy for the access target unit to the accessing unit. 



5 8. A remote access method according to Claim 7, wherein a network which 

includes the access target unit and another network are connected to each other. 

9. A remote access method according to Claim 7, wherein the certificate 
includes proxy information which indicates that the connection unit stands proxy for the 

1 0 access target unit. 

10. A remote access method according to Claim 7, fiuther comprising a step of 
issuing an issue permission certificate serving as a certificate for giving permission to 
issue to the accessing imit, the certificate in which access privilege with regard to the 

15 resource is described, 

wherein the issue permission certificate issued by the authority is issued to the 
accessing unit. 

11. A remote access method according to Claim 10, wherein the certificate in 
20 which access privilege with regard to the resource is described includes information 

indicating that permission to issue to the accessing \mit the certificate in which access 
privilege with regard to the resource is described is given, as role information indicating a 
role assigned to the connection unit. 

25 12. A remote access method according to Claim 7, further comprising a step of 

issuing a public-key certificate based on a public-key cryptosystem, to each entity 
constituting the remote access method. 
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13. A remote access program executable by a computer, for accessing a 
predetermined resource from a remote place, flie program comprising: 

a storage step of storing a certificate in which access privilege with regard to the 

resource is described; 

a presenting step of presenting the certificate stored in the storage step to an access 

target vmit having the resource; 

a verification step of verifying the certificate received from an accessing unit for 

accessing the access target unit; 

a transmission step of transmitting the certificate verified in the verification step to 
the access target unit specified by the accessing unit; and 

a determination step of determining whether to permit the accessing unit to access 
the resource, according to the certificate transmitted by a connection unit for standing 
proxy for the access target unit to the accessing unit. 
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